According to research published on Monday by crypto analytics company Chainalysis, about three-quarters of the money from ransomware attacks last year, about $400 million, was sent to addresses that are highly likely to be affiliated with Russia in some way. This was determined through extensive blockchain research paired with web traffic data.
During the previous year, ransomware attacks raked in more than $400 million in revenue for Russian-linked digital addresses. The majority of ransomware attacks infect a user's computer via a software exploit, or by downloading unfamiliar files, among other methods. They then encrypt the victim's files and demand payment in cryptocurrency in order to decrypt the files and restore access to the victim's data.
Following a ransomware attack, the vast majority of the extorted cash is laundered via services that cater largely to Russian consumers, according to the web traffic data collected. An estimated 13% of funds transmitted from ransomware addresses to services were routed to users in Russia, more than any other area.
According to the report, three criteria are used to determine whether ransomware strains are associated with Russia: whether they avoid attacking former Soviet countries, whether they use markers such as language and location, and whether they are linked to the Russian cybercrime organization Evil Corp. Evil Corp is a well-known cybercriminal group headquartered in Russia that specializes in ransomware and whose leadership is suspected to have links to the Russian government. Evil Corp has been linked to the Russian government in the past.
Chainalysis claims to have tracked several dozen crypto firms in Russia's capital, Moscow City, over the course of many months. Illegitimate and dangerous addresses account for between 29 percent and 48 percent of all cash received by businesses in any given quarter. These businesses get hundreds of millions of dollars’ worth of cryptocurrencies every quarter and are associated with the money laundering of unlawfully acquired crypto funds.
What will be the next step in the fight against crypto crime in Russia?
The year 2021 saw a good response to the problem of ransomware attacks. The White House said last year that it expected Moscow to clamp down on ransomware within six months.
After the hack against Colonial Pipeline initiated by Darkside, US authorities recovered more than $2 million out of more than $4 million in crypto ransom.
Also earlier this year, Russian authorities detained 14 REvil ransomware associates who were known for attacking managed service providers and demanding ransom payments from their clients.
Although the Russian government and the country's central bank reached a consensus on how to regulate cryptocurrencies in the country, the regulatory position of cryptocurrencies in Russia seems to be in disarray at the moment.